DOCSLIB.ORG

Windows Server 2012 R2 Server Management and Automation

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text

Load more

Windows Server 2012 R2 Server Management and Automation Published: 15 November 2013 Copyright Information © 2013 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. Some examples depicted herein are provided for illustration only and are fictitious. No real association or connection is intended or should be inferred. You bear the risk of using it. This document does not provide you with any legal rights to any intellectual property in any Microsoft product. You may copy and use this document for your internal, reference purposes. You may modify this document for your internal, reference purposes. 2 Contents Introduction .................................................................................................................................................. 4 Standards-based approach to management in Windows Server 2012 R2 ................................................. 5 Technical description ............................................................................................................................... 5 Standard API improvements .................................................................................................................... 5 Standard protocols ................................................................................................................................... 6 Standard management tools ................................................................................................................... 8 Simplifying your daily routine tasks with Windows PowerShell .............................................................. 11 Technical description ............................................................................................................................. 11 Robust Session Connectivity ............................................................................................................... 11 Disconnected Sessions ........................................................................................................................ 11 Job scheduling ..................................................................................................................................... 12 Windows PowerShell ISE ..................................................................................................................... 13 Windows PowerShell Workflow ......................................................................................................... 15 Windows PowerShell Web Access ...................................................................................................... 22 Updatable Help ................................................................................................................................... 24 New cmdlets ....................................................................................................................................... 24 Desired State Configuration ................................................................................................................... 25 Defining a configuration ..................................................................................................................... 26 Rules for nesting node and configuration blocks................................................................................ 28 Declaring configuration parameters ................................................................................................... 29 Summary ................................................................................................................................................. 30 Multi-server management and feature deployment with Server Manager ............................................ 31 Technical description ............................................................................................................................. 31 Multiserver experience ....................................................................................................................... 31 Efficient deployment of workloads to a remote server or offline virtual hard disk ........................... 32 Installing roles and features on a remote server or offline virtual hard disk ..................................... 32 Batch deployment ............................................................................................................................... 33 Integration with other management tools ............................................................................................ 33 Server role management across multiple servers .............................................................................. 33 Minimal performance impact ................................................................................................................ 35 Remote Server Admin Tools .................................................................................................................. 35 Summary ................................................................................................................................................. 35 Conclusion .................................................................................................................................................. 36 3 Introduction With Windows Server 2012 R2, Microsoft brings its experience in building and operating public clouds to the server operating system, helping to make it a dynamic, highly available, and cost-effective platform for private clouds. Windows Server 2012 R2 offers businesses and hosting providers a basis for a scalable, dynamic, and multitenant-aware cloud infrastructure that more securely connects across premises and helps IT to respond to business needs faster and more efficiently. Windows Server 2012 R2 offers excellent total cost of ownership (TCO) as an integrated platform with comprehensive, multicomputer manageability. There are three ways in which Windows Server 2012 R2 improves multicomputer management: Standards-based management approach: The focus on industry standards used in Windows Server 2012 R2 enables greater manageability across both Windows and non-Window devices alike. Also, it stretches the manageability to hardware such as network switch and storage. Windows PowerShell 4.0: Based on the comprehensive automation capabilities in PowerShell 3.0, Windows PowerShell 4.0 enhances its ability to automate your daily tasks in a much efficient way to a heterogeneous environment. Server Manager: Server Manager in Windows Server 2012 R2 helps you deploy and manage roles and features on the local server and remote servers, whether physical or virtual. The following sections provide more detail about these features of Windows Server 2012 R2. 4 Standards-based approach to management in Windows Server 2012 R2 Technical description Windows Server 2012 R2 continues to improve the management experience within the datacenter and cloud environment through its enhanced application of standards-based management frameworks. Microsoft Windows has long supported standards-based management and has participated in organizations such as the Distributed Management Task Force (DMTF). These efforts have led to the development of Windows Management Instrumentation (WMI) and Windows Remote Management (WinRM). WMI is the Windows implementation of a Common Information Model (CIM) object manager, and WinRM is the implementation of the Web Services Management (WS-Man) protocol. Both CIM and WS-Man are standards released by the DMTF. Windows Server 2012 R2 enhances the manageability of datacenters through significant improvements in the standards-based infrastructure. It does this by delivering application programming interfaces (APIs) that are easier for developers and IT Pros to use. These APIs provide support for recent standards and add new kinds of Windows PowerShell cmdlets that make it simpler and more cost-effective to connect to and manage multiple servers and devices in the datacenter. Figure 1: Improvements in Windows standards-based management components Standard API improvements Since the release of WMI, the number of management products and tools that consume its providers has steadily grown, but this traditionally has not been matched by a proportional increase in providers. The challenge for developers was that writing a WMI provider required extensive knowledge of Component Object Model (COM) coding. This made writing providers time consuming, and provided little benefit to the developer. In Windows Server 2012 R2, Microsoft introduces the Management Infrastructure APIs for Windows (MI APIs), which greatly simplify the development of new providers and client applications. These new MI APIs are available in both native (C/C++) code and managed (.NET) code for client development, and native code for provider development. The APIs remove the need to do COM coding, and they come with tools that generate code skeletons and schema from the class definition described in a MOF file. This makes provider development much easier and allows developers to spend their time on developing 5 the business logic. A provider written using the new MI APIs can be called from the previous release of WMI, as well as from any non-Windows client application that uses the current DMTF WS-Man standard to connect to the Windows Server 2012 R2 system. In addition, the new MI APIs
Recommended publications
  • Win32 API 1.Pdf

    Win32 API 1.Pdf

    Win32 Programming for Microsoft Windows NT Windows NT is designed to address the changing requirements of the computing world. It is written mainly in C and is crafted in such a way as to make its functionality extensible, and to ease the porting of the code from one hardware platform to another. This enables the ability to take advantage of multiprocessor and RISC computers, and to distribute tasks to other computers on the network, transparently. Whilst providing applications and users with the ability to use the power of local and remote machines, Windows NT must offer compatibility to applications and users. Users must feel comfortable with the interface, and be able to run existing high-volume applications. Existing applications have to port simply to the new environment to take advantage of its power. So, the user interface is compatible with existing Microsoft systems and existing programming APIs are supported and have been extended. To be considered a major player in the server arena, Windows NT has to offer reliable, robust support for ‘mission critical’ software. This means the system should be fault tolerant, protecting itself from malfunction and from external tampering. It should behave predictably and applications should not be able to adversely affect the system or each other. It should also have a security policy to protect the use of system resources, and implement resource quotas and auditing. Networking is built in, with high level programming and user interfaces available. Remote access to other machines on various networks is almost transparent. Because applications have to perform to an expected level, the system should be fast and responsive on each hardware platform.
  • Installation and Configuration Guide

    Installation and Configuration Guide

    NetApp SANtricity® SMI-S Provider 11.53 Installation and Configuration Guide December 2019 | 215-13407_C0 [email protected] Table of Contents About This Guide ............................................................................................................................. 1 Overview of the NetApp SANtricity SMI-S Provider ...................................................................... 1 What’s New ................................................................................................................................1 Abbreviations, Acronyms, Terms, and Definitions ........................................................................ 1 Supported Profiles and Subprofiles ............................................................................................. 1 Supported Operating Systems for SMI-S .................................................................................... 2 Supported Firmware Versions ........................................................................................................ 3 System Requirements ..................................................................................................................... 3 Installing and Uninstalling SMI-S Provider ..................................................................................... 4 Windows operating system install and uninstall process ............................................................... 4 Installing SMI-S Provider (Windows operating system) .....................................................
  • Windows Kernel Hijacking Is Not an Option: Memoryranger Comes to The

    Windows Kernel Hijacking Is Not an Option: Memoryranger Comes to The

    WINDOWS KERNEL HIJACKING IS NOT AN OPTION: MEMORYRANGER COMES TO THE RESCUE AGAIN Igor Korkin, PhD Independent Researcher Moscow, Russian Federation [email protected] ABSTRACT The security of a computer system depends on OS kernel protection. It is crucial to reveal and inspect new attacks on kernel data, as these are used by hackers. The purpose of this paper is to continue research into attacks on dynamically allocated data in the Windows OS kernel and demonstrate the capacity of MemoryRanger to prevent these attacks. This paper discusses three new hijacking attacks on kernel data, which are based on bypassing OS security mechanisms. The first two hijacking attacks result in illegal access to files open in exclusive access. The third attack escalates process privileges, without applying token swapping. Although Windows security experts have issued new protection features, access attempts to the dynamically allocated data in the kernel are not fully controlled. MemoryRanger hypervisor is designed to fill this security gap. The updated MemoryRanger prevents these new attacks as well as supporting the Windows 10 1903 x64. Keywords: hypervisor-based protection, Windows kernel, hijacking attacks on memory, memory isolation, Kernel Data Protection. 1. INTRODUCTION the same high privilege level as the OS kernel, and they also include a variety The security of users’ data and of vulnerabilities. Researchers applications depends on the security of consider that “kernel modules (drivers) the OS kernel code and data. Modern introduce additional attack surface, as operating systems include millions of they have full access to the kernel’s lines of code, which makes it address space” (Yitbarek and Austin, impossible to reveal and remediate all 2019).
  • Illustrated Tutorial: Creating a Bootable USB Flash Drive for Windows XP

    Illustrated Tutorial: Creating a Bootable USB Flash Drive for Windows XP

    Illustrated tutorial: Creating a bootable Version 1.0 February 15, 2007 USB flash drive for Windows XP By Greg Shultz The ability to boot Windows XP from a USB Flash Drive (UFD) offers endless possibilities. For example, you might make an easy-to-use troubleshooting tool for booting and analyzing seemingly dead PCs. Or you could transport your favorite applications back and forth from home to work without having to install them on both PCs. However, before you can create a bootable UFD, you must clear a few hurdles. You saw that one coming didn’t you? The first hurdle is having a PC in which the BIOS will allow you to configure the USB port to act as a bootable device. The second hurdle is having a UFD that that will work as a bootable device and that’s large enough and fast enough to boot an operating system such as Windows XP. The third hurdle is finding a way to condense and install Windows XP on a UFD. If you have a PC that was manufactured in the last several years, chances are that its BIOS will allow you to configure the USB port to act as a bootable device. If you have a good qual- ity UFD that’s at least 512 KB and that was manufactured in the last couple of years, you’ve probably cleared the second hurdle. And once you’ve cleared those first two hur- dles, the third one is a piece of cake. All you have to do is download and run some free soft- ware to create the bootable UFD.
  • Semi-Automated Parallel Programming in Heterogeneous Intelligent Reconfigurable Environments (SAPPHIRE) Sean Stanek Iowa State University

    Semi-Automated Parallel Programming in Heterogeneous Intelligent Reconfigurable Environments (SAPPHIRE) Sean Stanek Iowa State University

    Iowa State University Capstones, Theses and Graduate Theses and Dissertations Dissertations 2012 Semi-automated parallel programming in heterogeneous intelligent reconfigurable environments (SAPPHIRE) Sean Stanek Iowa State University Follow this and additional works at: https://lib.dr.iastate.edu/etd Part of the Computer Sciences Commons Recommended Citation Stanek, Sean, "Semi-automated parallel programming in heterogeneous intelligent reconfigurable environments (SAPPHIRE)" (2012). Graduate Theses and Dissertations. 12560. https://lib.dr.iastate.edu/etd/12560 This Dissertation is brought to you for free and open access by the Iowa State University Capstones, Theses and Dissertations at Iowa State University Digital Repository. It has been accepted for inclusion in Graduate Theses and Dissertations by an authorized administrator of Iowa State University Digital Repository. For more information, please contact [email protected]. Semi-automated parallel programming in heterogeneous intelligent reconfigurable environments (SAPPHIRE) by Sean Stanek A dissertation submitted to the graduate faculty in partial fulfillment of the requirements for the degree of DOCTOR OF PHILOSOPHY Major: Computer Science Program of Study Committee: Carl Chang, Major Professor Johnny Wong Wallapak Tavanapong Les Miller Morris Chang Iowa State University Ames, Iowa 2012 Copyright © Sean Stanek, 2012. All rights reserved. ii TABLE OF CONTENTS LIST OF TABLES .....................................................................................................................
  • Microsoft Service Pack & Security Bulletin Support

    Microsoft Service Pack & Security Bulletin Support

    Microsoft Service Pack & Security Bulletin Support ReadMe Revision History Date Revised Changes Made March 23, 2020 March 2020 Microsoft Security Update Contents What’s New? . 1 Microsoft Security Bulletins . 2 Current Microsoft Security Bulletin Status . 2 Enabling Windows Updates on Avid Systems . 6 Using a Microsoft WSUS Server for distributing Windows Updates. 7 Historical List of Microsoft Security Bulletin Exceptions . 7 What’s New? For March security bulletins, see “Current Microsoft Security Bulletin Status” on page 2. The section on “Notification Regarding the January 2020 Windows Updates” on page 3 has been updated to include information on MediaCentral Asset Management and MediaCentral Newsroom Management. See also http://avid.force.com/pkb/articles/en_US/Troubleshooting/en239659. Microsoft Security Bulletins Microsoft Security Bulletins Install Windows Security Patches and Service Packs. To download patches, run Windows Update. By default Avid supports all Windows Service Packs and security patches (sometimes referred to as “hot fixes”) which apply to the environments in which Avid products are deployed. We refer to them as Windows Updates in this document. Customers can schedule the download and installation of Windows Updates whenever they are available and make sense in their production environment. Avid tests the updates within several days of their availability. However, customers do not have to wait for the testing to be complete before installing the updates. Our current testing methodology is to utilize Windows Update on a representative sample of Avid products upon notification of new Security Bulletin availability by Microsoft. These systems are updated and observed while under test. Once the test period has completed (approx.
  • System Requirements

    System Requirements

    Trend Micro Incorporated reserves the right to make changes to this document and to the products described herein without notice. Before installing and using the software, please review the readme files, release notes, and the latest version of the applicable user documentation, which are available from the Trend Micro website at: http://docs.trendmicro.com/en-us/enterprise/officescan.aspx Trend Micro, the Trend Micro t-ball logo, and OfficeScan are trademarks or registered trademarks of Trend Micro Incorporated. All other product or company names may be trademarks or registered trademarks of their owners. Copyright © 2017 Trend Micro Incorporated. All rights reserved. Release Date: October 2017 Protected by U.S. Patent No. 5,623,600; 5,889,943; 5,951,698; 6,119,165 Table of Contents Chapter 1: OfficeScan Server Installations Fresh Installations on Windows Server 2008 R2 Platforms .............................................................................................................................................................................. 1-2 Fresh Installations on Windows Server 2012 Platforms ..................................................................................................................................................................................... 1-3 Fresh Installations on Windows Server 2016 Platforms ..................................................................................................................................................................................... 1-4 Fresh Installations
  • Migrating Active Directory to Windows Server 2012 R2

    Migrating Active Directory to Windows Server 2012 R2

    Windows Server 2012 R2 Migrating Active Directory to Windows Server 2012 R2 Hands-on lab In this lab, you will complete a migration of a Windows Server 2008 R2 domain environment to Windows Server 2012 R2 with no downtime to clients. All roles currently held including FSMO, DHCP and DNS will be transferred to enable the Windows Server 2008 R2 domain controller to be retired. Produced by HynesITe, Inc. Version 1.0 12/15/2013 This document supports a preliminary release of a software product that may be changed substantially prior to final commercial release. This document is provided for informational purposes only and Microsoft makes no warranties, either express or implied, in this document. Information in this document, including URL and other Internet Web site references, is subject to change without notice. The entire risk of the use or the results from the use of this document remains with the user. Unless otherwise noted, the companies, organizations, products, domain names, e-mail addresses, logos, people, places, and events depicted in examples herein are fictitious. No association with any real company, organization, product, domain name, e-mail address, logo, person, place, or event is intended or should be inferred. Complying with all applicable copyright laws is the responsibility of the user. Without limiting the rights under copyright, no part of this document may be reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means (electronic, mechanical, photocopying, recording, or otherwise), or for any purpose, without the express written permission of Microsoft Corporation.
  • The Flask Security Architecture: System Support for Diverse Security Policies

    The Flask Security Architecture: System Support for Diverse Security Policies

    The Flask Security Architecture: System Support for Diverse Security Policies Ray Spencer Secure Computing Corporation Stephen Smalley, Peter Loscocco National Security Agency Mike Hibler, David Andersen, Jay Lepreau University of Utah http://www.cs.utah.edu/flux/flask/ Abstract and even many types of policies [1, 43, 48]. To be gen- erally acceptable, any computer security solution must Operating systems must be flexible in their support be flexible enough to support this wide range of security for security policies, providing sufficient mechanisms for policies. Even in the distributed environments of today, supporting the wide variety of real-world security poli- this policy flexibility must be supported by the security cies. Such flexibility requires controlling the propaga- mechanisms of the operating system [32]. tion of access rights, enforcing fine-grained access rights and supporting the revocation of previously granted ac- Supporting policy flexibility in the operating system is cess rights. Previous systems are lacking in at least one a hard problem that goes beyond just supporting multi- of these areas. In this paper we present an operating ple policies. The system must be capable of supporting system security architecture that solves these problems. fine-grained access controls on low-level objects used to Control over propagation is provided by ensuring that perform higher-level functions controlled by the secu- the security policy is consulted for every security deci- rity policy. Additionally, the system must ensure that sion. This control is achieved without significant perfor- the propagation of access rights is in accordance with mance degradation through the use of a security decision the security policy.
  • Security Policy for FIPS 140-2 Validation

    Security Policy for FIPS 140-2 Validation

    BitLocker Windows Resume Security Policy for FIPS 140‐2 Validation BitLocker® Windows Resume (winresume) in Microsoft Windows 8.1 Enterprise Windows Server 2012 R2 Windows Storage Server 2012 R2 Surface Pro 3 Surface Pro 2 Surface Pro Windows Embedded 8.1 Industry Enterprise StorSimple 8000 Series DOCUMENT INFORMATION Version Number 2.0 Updated On April 22, 2015 © 2015 Microsoft. All Rights Reserved Page 1 of 19 This Security Policy is non‐proprietary and may be reproduced only in its original entirety (without revision). BitLocker Windows Resume The information contained in this document represents the current view of Microsoft Corporation on the issues discussed as of the date of publication. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information presented after the date of publication. This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, AS TO THE INFORMATION IN THIS DOCUMENT. Complying with all applicable copyright laws is the responsibility of the user. This work is licensed under the Creative Commons Attribution-NoDerivs- NonCommercial License (which allows redistribution of the work). To view a copy of this license, visit http://creativecommons.org/licenses/by-nd-nc/1.0/ or send a letter to Creative Commons, 559 Nathan Abbott Way, Stanford, California 94305, USA. Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights covering subject matter in this document. Except as expressly provided in any written license agreement from Microsoft, the furnishing of this document does not give you any license to these patents, trademarks, copyrights, or other intellectual property.
  • Docker Windows Task Scheduler

    Docker Windows Task Scheduler

    Docker Windows Task Scheduler Genealogical Scarface glissading, his karyotype outgone inflicts overflowingly. Rudolph is accessorial and suckers languorously as sociologistic Engelbart bridled sonorously and systematises sigmoidally. Which Cecil merchandises so unbelievably that Cole comedowns her suavity? Simple task runner that runs pending tasks in Redis when Docker container. With Docker Content Trust, see will soon. Windows Tip Run applications in extra background using Task. Cronicle is a multi-server task scheduler and runner with a web based front-end UI It handles both scheduled repeating and on-demand jobs targeting any. Django project that you would only fetch of windows task directory and how we may seem. Docker schedulers and docker compose utility program by learning service on a scheduled time, operators and manage your already interact with. You get a byte array elements followed by the target system privileges, manage such data that? Machine learning service Creatio Academy. JSON list containing all my the jobs. As you note have noticed, development, thank deity for this magazine article. Docker-crontab A docker job scheduler aka crontab for. Careful with your terminology. Sometimes you and docker schedulers for task failed job gets silently redirected to get our task. Here you do want to docker swarm, task scheduler or scheduled background tasks in that. Url into this script in one easy to this was already existing cluster created, it retry a little effort. Works pretty stark deviation from your code is followed by searching for a process so how to be executed automatically set. Now docker for windows service container in most amateur players play to pass as.
  • Exploring the Windows Server 2008 Interface

    Exploring the Windows Server 2008 Interface

    LAB 1 EXPLORING THE WINDOWS SERVER 2008 INTERFACE This lab contains the following projects and activities: Project 1.1 Modifying Basic Server Settings Project 1.2 Configuring TCP/IP Settings Project 1.3 Configuring a Second Windows Server 2008 Computer (Optional) Project 1.4 Configuring a Windows Server 2008 Server Core Computer (Optional) Lab Review Questions Lab Challenge Verifying Active Directory SRV Records 1.1 COPYRIGHTED MATERIAL BEFORE YOU BEGIN Lab 1 assumes that setup has been completed as specified in the setup document and that your computer has connectivity to other lab computers and the Internet. To perform all projects in Lab 1, you will need: • Two (2) full installations of Windows Server 2008 • One (1) Server Core installation of Windows Server 2008 2 Microsoft Windows Server 2008 Active Directory Configuration For subsequent labs, optional projects are provided that involve a second server running the full GUI version of Windows Server 2008 to be configured as a Read- Only Domain Controller and a third server running Windows Server 2008 Server Core. You can use multiple physical computers, or you can use Microsoft Virtual PC or Virtual Server to install and run multiple servers on a single machine. This manual assumes that you are using multiple virtual machines under Microsoft Virtual PC. In the optional projects for this lab, Projects 1.3 and 1.4, you will configure the second and third servers necessary to perform the optional projects in future lessons. The instructor PC is preconfigured as a domain controller in the lucernepublishing.com domain for demonstration purposes; it is named INSTRUCTOR01.